CVE-2026-0248

Summary

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.

The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPrisma Access Agent0 < 26.2.1affected
Palo Alto NetworksPrisma Access AgentAllunaffected

Weaknesses

  • CWE-295: CWE-295 Improper Certificate Validation

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References